Hi, I hope its appropriate to ask this here, considering this is the most active community closest to this topic (Networking). I am moving places shortly and will need to start from scratch will all networking equipment. Including router and wifi-extenders. Am wondering what the general consencus is around networking gear, what brands are good and homelab friendly? I’ve heard great things about Ubiquity, but know nothing about their products. I do wish to buy a mesh system, as I do have 2 floors and concrete walls in the new place. I am looking for something easy to maintain, yet customizable for when I get more comfortable with playing around with networking equipment.

I have some experience with TP-link + decos, but really dont like their app and default settings. Blocks mullvad.net by default for instance…

If it matters, there will only be 2 people connected normally ~ approx 8 devices or so in total.

  • 2 phones,
  • 2 laptops (wired if possible)
  • 1 desktop comupter (wired)
  • server (wired)
  • Nvdia shield (wired)
  • RaspberriPi (wired)

Am also aiming to buy a 1000/1000 Mbps connection :)

Lemmy know what you would recommend in this scenario, and please feel free to ask about further details if I have missed anything, Thanks as always!

  • doeknius_gloek@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    2
    ·
    5 months ago

    I’m currently having a good experience with MikroTik. I think their products provide a good combination of features and pricing. There are a “CRS317-1G-16S+” and a “CSS326-24G-2S+RM” in my rack and I have my eyes on the “CSS610-8P-2S+IN” as a efficient little POE switch.

    I haven’t used Ubiquity, so I can’t compare these two brands.

    For APs I’m currently using TP Link Omada with a selfhosted Omada Controller and for Routing, DNS, Firewall and stuff I use OPNsense.

  • Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    1
    ·
    5 months ago

    I recommend building your own router. It might sound complicated but it’s not. Just grab any low-power x86 mini PC that has 2 network controllers, put an open-source router/firewall OS like OPNsense or pfSense on it and you’re ready to go. (Check out this video for pfSense and this one for OPNsense) Protectli offers specialized devices that are designed to run OPNsense/pfSense. They also support coreboot, a free and open source BIOS implementation. You can also go with something Linux-based like OpenWrt, but I’m very happy with my BSD-based OPNsense firewall. I use a Star Labs Byte with OPNsense, a fanless mini PC that runs coreboot, designed by a UK-based, Linux-focused company called Star Labs. Before that, I used to use a Fujitsu thin client with OpenWrt, inspired by this video.

      • Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        5 months ago

        It’s not cheap, but this setup doesn’t just serve as a router. It’s also a dedicated hardware firewall solution, with the capacity to handle big and fast networks (I’m speaking hundrets of clients and technically it could even do 40+ Gbps over an SFP fiber-optic connection.) It also lets me monitor my network and filter connections. I use Telegraf, InfluxDB and Grafana to get a nice visual overview of my local network, as well as all the inbound and outbound connections. I can even see the location of the servers I connect to through MaxMind GeoIP in my Grafana dashboard. I also use Sensei (I think it’s called Zenarmor now) for advanced filtering, and I use ClamAV with TLS interception to scan for malware. I could also run a DNS server through Unbound or Pi-Hole, but I prefer to do that on a separate device. OPNsense is a very powerful piece of software, and the StarLabs Byte is a suitable device to run it. For me it’s very important to have a free BIOS firmware implementation like coreboot on a security-critical device like my firewall.

  • noride@lemm.ee
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    5 months ago

    A lot of negativity around Ubiquity in here, which is surprising to me, honestly. I had their USG for years and loved it, recently swapped it out for the Dream Machine and love it. Really don’t understand the complaints about linking it to the cloud. I just didn’t bother, everything works fine. Additionally, I managed to get a Debian container running on it and installed ntopng, it’s been awesome for getting realtime visibility into my network traffic.

    E. I should add I have 6 of their switches and 3 access points, one of which is at least 7 years old and still receiving updates.

  • friend_of_satan@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    5 months ago

    I have been using ubiquiti for years, and I would strongly caution against using them. They are forcing some devices to sign on to ubiquity cloud and synchronize with their cloud services, and are forcing those sign ins to use MFA. I really miss the ubiquity from 2020, where it was all local. Next time I upgrade my gear, I will probably not buy an ubiquiti router/gateway.

    Also the upgrade process from Usg to dream router was awful. Also they don’t let you run unifi in docker with a dream router, you are forced to run it on-device.

    • keyez@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      5 months ago

      I have an all Ubiquiti setup and only use local accounts for everything. UDM Pro, 2 8 port switches and 2 APs, U6Mesh and another older AP. One of my accounts had me turn on MFA but every device still let’s me use a local account with a password and ssh key. Do you know what devices are forcing that?

    • IHawkMike@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      5 months ago

      I would never use their firewalls/gateways, but their switches are pretty good for the price and their APs are decent (although tbh after 3 generations my next AP will likely be an enterprise Aruba).

      That said, I still use Unifi in docker, everything is up to date, and nothing is requiring a sign-in to the cloud. Am I missing something? If it’s just the firewalls, then I’m not surprised since I’ve never been remotely tempted to use them, but it sure isn’t all of their devices.

    • grue@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      5 months ago

      I really miss the ubiquity from 2020, where it was all local.

      I was definitely leery of Ubiquity for that reason since before 2020. Even though back then it could all be local, I feel like pushing people to the cloud was already well-established as being a thing.


      My criteria for routers and wi-fi access points up to this point has basically been “can run OpenWRT and is relatively cheap,” so I’ve settled in on TP-Link. I’m still running on an old Archer C7 from a decade(?) ago and would like to have something that fits in my rack for aesthetic purposes, though, so my next router might be a 1U DIY x86 machine running OPNsense instead.

      • cmnybo@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        1
        ·
        5 months ago

        It’s getting harder to find routers that will run open source firmware. The best option is to run OPNsense or pfSense on a low power x86 machine and use separate APs for WiFi.

  • Decronym@lemmy.decronym.xyzB
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    5 months ago

    Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

    Fewer Letters More Letters
    AP WiFi Access Point
    DNS Domain Name Service/System
    PoE Power over Ethernet
    SSL Secure Sockets Layer, for transparent encryption
    TLS Transport Layer Security, supersedes SSL
    Unifi Ubiquiti WiFi hardware brand

    [Thread #787 for this sub, first seen 5th Jun 2024, 22:15] [FAQ] [Full list] [Contact] [Source code]